<%@ page import="java.sql.*" %><%--
  Created by IntelliJ IDEA.
  User: 李学健
  Date: 2024/3/14
  Time: 12:37
  To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<h1 style="color: #3880c2">
    登录页面
</h1>
<h1 style="color: #3880c2">
    <a href="../wk06/index.jsp" style="color: crimson">返回主页面</a>
</h1>

<%
    //这个要设置在传输数据之前
    request.setCharacterEncoding("UTF-8");
%>
<form method="post" <%--action="" 不写默认本页面？--%>>
    <label>
        用户名
        <input name="username" type="text">
    </label>
    <label>
        密码
        <input name="password" type="password">
    </label>

    <input type="submit" name="submit2" value="用户登录">
    <input type="submit" name="submit1" value="游客模式">
    <input type="submit" name="submit3" value="管理员登录">

</form>
<%
    request.setCharacterEncoding("UTF-8");
    if (request.getParameter("submit1") != null) {
        response.sendRedirect("fileSystem.jsp?power=0");
    }

    //前往文件管理
    if (request.getParameter("submit2") != null) {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        try {
            //因为要多次使用查询，用的是Statement对象，至于区别不太清楚

            Class.forName("com.mysql.cj.jdbc.Driver");
            Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mybatis?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull&serverTimezone=Asia/Shanghai&useSSL=false", "root", "123456");
            Statement statement = connection.createStatement();
            //注意，这边查询的时候，username和password都要加上单引号，这样sql查询的时候才知道它们是“字符”
            //最好的办法就是抄这边的
            ResultSet resultSet = statement.executeQuery("SELECT * FROM user WHERE username='" + username + "' AND password='" + password + "'" + " AND deleted=0");
            //记录是否查询到了数据
            if (!resultSet.next()) {
                out.print("登录失败");
            } else {
                int userId = resultSet.getInt(1);
                //成功，保存session,记录身份
                session.setAttribute("userId", userId);
                session.setAttribute("username", username);
                //登录成功自动跳转到wk07,权限是1=用户
                //TODO:这里更适合使用  request.getRequestDispatcher().forward();这个就是发送请求,但不跳转页面
                response.sendRedirect("fileSystem.jsp?power=1");
            }
            statement.close();
            connection.close();
        } catch (Exception e) {
            out.print(e.getMessage());
            e.printStackTrace();
        }
    }

    if (request.getParameter("submit3") != null) {
        request.setCharacterEncoding("UTF-8");
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        try {
            //因为要多次使用查询，用的是Statement对象，至于区别不太清楚

            Class.forName("com.mysql.cj.jdbc.Driver");
            Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mybatis?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull&serverTimezone=Asia/Shanghai&useSSL=false", "root", "123456");
            Statement statement = connection.createStatement();
            //注意，这边查询的时候，username和password都要加上单引号，这样sql查询的时候才知道它们是“字符”
            //最好的办法就是抄这边的
            ResultSet resultSet = statement.executeQuery("SELECT * FROM user WHERE username='" + username + "' AND password='" + password + "'" + " AND deleted=1");
            //记录是否查询到了数据
            if (!resultSet.next()) {
                out.print("登录失败");
            } else {
                //成功，保存session,记录身份
                session.setAttribute("username", username);
                session.setAttribute("password", password);
                session.setAttribute("isAdmin", true);
                //登录成功自动跳转到adminPage
                response.sendRedirect("fileManagement.jsp");
            }
            statement.close();
            connection.close();
        } catch (Exception e) {
            out.print(e.getMessage());
            e.printStackTrace();
        }
    }
%>
</body>
</html>
